[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Traffic Logging Suggestion




Michael Holstein <michael.holstein@xxxxxxxxxxx> wrote

>I do believe one Russian exit node (was/is?) doing that .. by posting
>usernames/passwords (I guess they're dunning dsniff or whatever on their
>TOR box and piping the output to a webserver).

>Their stated motivation for this was to drive home the point about
>end-to-end encryption, but I question their methods, which brings me to

>ExcludeNodes .. a handy config variable ;)



woowoo Thats a pretty nasty way of making that point. After most web sites on the open internet dont support encryption, unless you are making a payment.


The problem with using excludenodes is that we all have to do it as individuals - which is a whole lot of work. In a system using a network wide exclusion (unverifiednodes etc) the primary level protectionj is done for us.

And we would also all have to do our own "watching" for dangerous nodes. There's no WARNING system in place.

Its a whole lot of work we now need to do.

As yet nobody has given the ips of these loggin nodes yet and we've been talking about this for a couple of days.

Shall I just exclude every node in the usa if i go to a us site?
Will that work?


From the operation logs (i have no vidalia) my exludenodes now seems to work. I did about 3 hours of updating my win2kOS earlier this week, maybe this has made a difference.

Whats been puzzling me though is the selftest circuit on start up.

It circuit length is 3 nodes. Does this mean I could write a modified version of the code with a self test length of 2 nodes, which would work?


CA



-- 
Message sent with Supanet E-mail

Signup to supanet at https://signup.supanet.com/cgi-bin/signup?_origin=sigwebmail